Page 1 of 1

show users name

Posted: Thu Oct 27, 2005 10:22 pm
by dru_nasty
I'm trying to show a users name from the database on a page within a members area of the site.
This is what I've got going so far. A connection to the database, a variable $username that stores the users username and a sql query for the persons name.

can someone help me out some?

Code: Select all

<?
include_once('/usr/home/fss/websites/fivestarsports.net/inc/func.inc.php');
$username = $HTTP_COOKIE_VARS['log']['username'];
$db_conn = five_connect_db();
mysql_select_db('fivestar',$db_conn);
$query = "select fname from registered_mem where username = $username";
?>

Posted: Thu Oct 27, 2005 10:39 pm
by feyd
use sessions to store the information instead of a cookie (less dangerous, more often) .. at any rate, you need to put quotes around $username in your query string (and properly escape it)

Posted: Thu Oct 27, 2005 10:41 pm
by dru_nasty
could you please give me an example

Posted: Thu Oct 27, 2005 11:12 pm
by comrad

Code: Select all

<?
include_once('/usr/home/fss/websites/fivestarsports.net/inc/func.inc.php');

$username = $HTTP_COOKIE_VARS['log']['username'];
$db_conn = five_connect_db();
mysql_select_db('fivestar',$db_conn);

$query = "select fname from registered_mem where username = $username";
//------------------
     $result=mysql_query("$query");
    $my=mysql_fetch_assoc($result);
echo"  
My Fname is $my[fname] .<br>
My username is $username <br>";
?>

Posted: Thu Oct 27, 2005 11:27 pm
by dru_nasty
Thanks for providing this, i'll play around with it tomorrow.
I've had enough for tonight.
I'll let you know how it goes.

Posted: Fri Oct 28, 2005 12:13 am
by RobertGonzalez
comrad wrote:

Code: Select all

<?
include_once('/usr/home/fss/websites/fivestarsports.net/inc/func.inc.php');

$username = $HTTP_COOKIE_VARS['log']['username'];
$db_conn = five_connect_db();
mysql_select_db('fivestar',$db_conn);

$query = "select fname from registered_mem where username = $username";
//------------------
     $result=mysql_query("$query");
    $my=mysql_fetch_assoc($result);
echo"  
My Fname is $my[fname] .<br>
My username is $username <br>";
?>

More like this...

Code: Select all

<?
// Use sessions, include this on all sessioned pages
session_start();

include_once('/usr/home/fss/websites/fivestarsports.net/inc/func.inc.php');
// Replace COOKIE var with SESSION var
//$username = $HTTP_COOKIE_VARS['log']['username'];
/*
 * THIS ASSUMES THE SESSION VAR WAS SET PRIOR TO THIS
 */
$username = $_SESSION['username'];
$db_conn = five_connect_db();
mysql_select_db('fivestar',$db_conn);

$query = "select fname from registered_mem where username = $username";
$result=mysql_query($query);
while ($my=mysql_fetch_array($result))
{
    echo "My Fname is " . $my['fname'] . "<br />\n";
    echo "My username is $username.<br />\n";
}
?>

Posted: Fri Oct 28, 2005 1:42 am
by mickd
dont you mean

Code: Select all

$query = "select fname from registered_mem where username = '$username'"; // notice the single quote around the $username...

Posted: Fri Oct 28, 2005 7:36 am
by RobertGonzalez
Yup, I overlooked that. Good catch.